Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
The Courts Government News

DeCSS' Continuing Saga 226

blankmange writes "Newsbytes is carrying a followup on the DeCSS and 2600's court cases: "The Electronic Frontier Foundation and the First Amendment Project today asked the California Supreme Court to uphold a lower court's decision to permit publication of the source code for DeCSS technology, which circumvents digital copy protection systems." Maybe it's not over yet..."
This discussion has been archived. No new comments can be posted.

DeCSS' Continuing Saga

Comments Filter:
  • but its stull sux (Score:1, Insightful)

    by jdwilso2 ( 90224 )
    ... the 2600 case will probably never be won... but how many of the general populace even know what decss is?

    its all about the information... the people need to know, or we'll always lose...
    • the people need to know, or we'll always lose...

      More importantly, the people need to CARE. The People don't care because this does not concern them (in their eyes). The People can still watch their DVDs, so why should they care if a few people can't copy DVDs?

      • by www.sorehands.com ( 142825 ) on Thursday May 23, 2002 @02:47PM (#3574728) Homepage
        so why should they care if a few people can't copy DVDs?

        That is the problem, and by calling it an issue of DVD copying you further the problem. This is not an issue of being able to copy DVDs or to post code. This is an issue of linking to someone that posts code. The next step is to stop someone from talking about DeCSS. Soon, if there is a crime, the TV news cannot report on the crime -- hearing about the crime might enable someone to commit the crime.
        • This is an issue of linking to someone that posts code

          Interesting point. Warning, this is not a troll, this is a legit question that I think is a good analogy here. If sorehands is correct, lets say I have a website that has a link to some kiddie porn. Now I don't host the porn myself, I just knowingly have a link to it. Now is my linking to it illegal? If my site were a kiddie porn search engine, would it make it any more legal since I only provide a service. More interestingly, if my site were a site for parents so they could have a list of kiddie porn sites to say add to their nanny filters, would _that_ be illegal. Does the intent of my site make a difference since the link is there all the same?

          One thing I do have a beef about, and that's people who use the "give'em an inch and they'll take a mile" mentality. "the TV news cannot report on the crime", yeah, right. And soon even mentioning crime would be illegal, heck even muttering the word will get you thrown in the slam. Sorry, had to have my little rant there.
          • I don't see where linking to anything should make you liable for the contents you link to, especially as an individual. I mean, someone walks up to you and says, "Hey, do you know where I can get a gun?" You say, "Yeah, there's a pawn shop down the street." Then that guy goes there, buys a gun, and proceeds to mow down a schoolyard full of children. Are you an accessory to mass murder, because you disseminated information to him?

            If you want to hold someone responsible for breaking laws, go after the person who actually broke the law. I swear, this crap is just another example of how in the United States, we have this need to displace responsibility for a person's actions. A.k.a. the land of the lawsuit.

            In this particular type of case, it seems like such an easy line to draw. If anything, the people who are linking to such information are providing a service to the people who want it shut down. The more linking there is, the easier it is to find who they're looking for and go after her.

            I won't speak to the legitimacy of actually hosting this data. That's another question entirely. But linking to it? There should be no question about the legitimacy of that.

            • But we are talking about the law and what "should" be illegal or legal. The question is if you knowingly (and I think that's an important, though admittidly fuzzy, key term) link to a site that has illegal contents, should that be illegal. Note that I am NOT talking about it breaking the SAME law as the content itself, but just that it is illegal.
          • The biggest problem I have with making linkers responsible for the content they link to is that the content can be changed by others without the linker taking any action of any kind, or even being aware of it. Let's say I link to a computer science page that has several well known, helpful algorithms for people to look at. Then unbeknownst to me, after I made that link the maintainer of that site decides to add DeCSS to the list of algorithms shown on the site. Why the hell should I be responsible for that? It wasn't there when I made the link.

            Judges have no freakin' clue how dynamic the WWW is.


            • This is just yet another part of the problem of people not understanding linking in general (and one that I'll admit I hadn't thought of in those terms).

              I guess the concept of what a URL really is (the difference between information as to the location of a document and the document itself) is just "too technical". Given that what a user sees in a browser is a blue, underlined title (which they've been trained to recognize as something they are supposed to click on) on your web page "turning into" the other document, how could they not think of your page as containing that document?

              Is it that they can't comprehend that "All that's actually there is the equivalent of a library card-reference, or an ISBN number, and when you click it, you're asking your computer to use that information, find the other document, and display it in place of this one."? That's the best way I've come up with to word it, but I still see a lot of glazed-over eyes.

              But wait -- lawyers and judges (aside from being pretty smart fellas in general, jokes about them notwithstanding) have their own system of references to legal texts. They fully understand how the inclusion in a brief of a reference to a piece of case law, or a section of a statute, or whatever, is equivalent to, but not the same as, attaching a copy of that text, because they know that the reader will (a) understand the conventions used and (b) have access to a law library where they can look it up. Is the connection so hard to make?

              Maybe they (back to people in general, not just lawyers and judges) do understand that part, for what it's worth, but just don't see what's so important about it -- maybe the funny looks are not so much "What are you talking about?" as "So what's the big deal?"

              The thing is, the whole power of hypertext -- fundamentally, what makes the web so revolutionary -- is precisely the fact that it blurs the line between reference and content. In a world where everyone has at his disposal armies of little gnomes who can, in a matter of seconds and at marginal cost, dash off to the Library of Congress, get a copy of a book, and bring it back to you, whenever you merely give them a reference number, giving someone such a number really is in a sense "equivalent" to giving them a copy of the book.

              This does lead to legal issues -- in this case, it's the legality of the linked-to content and the linker's liability therefor; in other cases like deep-linking of articles and images, it's the copyright status of that content. In either case, the response to the conflict depends on one's assumptions and priorities.

              Should the policy be: "Well, since we obviously can't restrict mere linking, for freedom-of-speech reasons, and since linking is in a sense equivalent to dissemination, I guess that (to that extent) we can't restrict dissemination either, and if copyright interests suffer, too bad."?

              Or should it be: "Well, since we obviously can't allow free dissemination, for copyright reasons, and since linking is in a sense equivalent to dissemination, I guess that (to that extent) we can't allow free linking either, and if freedom of speech suffers, too bad."?
        • DeCSS is not just for copying DVDs. Its intent is to allow playing of DVDs on any computer, not just the ones approved by the Motion Picture industry.

      • so why should they care if a few people can't copy DVDs?

        But for what purpose are you trying to copy the dvd. Only two legit ones come to mind, format shifting and backups (actually a third one also comes to mind, and that's to make an addtional copy for our minivan since it has a dvd player as well). All the publishers have to do is to provide a way to cheaply (i.e. free/
        So, other than "just cuz", can you come up with any other compelling reasons why a person would need to be able to copy their dvd's? And if not, why is the industries attempts to prevent people from doing so such a dastardly thing?
    • Re:but its stull sux (Score:3, Informative)

      by Chris Burke ( 6130 )
      Considering that the reporting organization doesn't know that DeCSS gets around the -playback- control mechanism, not the -copy protection- mechanism(since there isn't one), I'd say we're pretty screwed.
  • by Anonymous Coward on Thursday May 23, 2002 @02:36PM (#3574628)
    #include
    typedef unsigned int uint;
    char ctb[512]="33733b2663236b763e7e362b6e2e667bd393db06 43034b96de9ed60b4e0e4\
    69b57175f82c787cf125a1a528 fca8ac21fd999d1004909419 0d898d001480840913d7d35246\
    d2d65743c7c34256c2c64 75dd9dd5044d0d4594dc9cd4054c0 c449559195180c989c11058185\
    081c888c011d797df0247 074f92da9ad20f4a0a429f53135b8 6c383cb165e1e568bce8ec61bb\
    3f3bba6e3a3ebf6befeb6 abeeaee6fb37773f2267276f723a7 a322f6a2a627fb9f9b1a0e9a9e\
    1f0b8f8b0a1e8a8e0f15d 1d5584cd8dc5145c1c5485cc8cc41 5bdfdb5a4edade5f4bcfcb4a5e\
    cace4f539793120692961 703878302168286071b7f7bfa2e7a 7eff2bafab2afeaaae2ff";
    typedef unsigned char uchar;uint tb0[11]={5,0,1,2,3,4,0,1,2,3,4};uchar* F=NULL;
    uint lf0,lf1,out;void ReadKey(uchar* key){int i;char hst[3]; hst[2]=0;if(F==\
    NULL){F=malloc(256);for(i=0;i>2) ^(lf0>>16 ))b=((lf1\
    >>12)^(lf1>>20)^(lf1>>21)^(lf1&g t;>24))lf0=(lf0>1)\
    |(a>1)|(b>8)+x+y;} void \
    CSSdescramble(uchar *sec,uchar *key){uint i;uchar *end=sec+0x800;uchar KEY[5];
    for(i=0;i=0;\
    i--)key[tb0[i+1]]=k[tb0[i+ 1]]^F[key[tb0[i+1]]]^key [tb0[i]];}void CSStitlekey2\
    (uchar *key,uchar *im){uchar k[5];int i;ReadKey(im);for(i=0;i=0;i--)key[tb0[i+1]]=k[tb0[ i+1]]^F[key[tb0[i+1]]]^key\
    [tb0[i]];}void CSSdecrypttitlekey(uchar *tkey,uchar *dkey){int i;uchar im1[6];
    uchar im2[6]={0x51,0x67,0x67,0xc5,0xe0,0x00};for(i=0;i6; i++)im1[i]=dkey[i];
    CSStitlekey1(im1,im2);CSStitl ekey2(tkey,im1);}

    • would you post it again, this time taking care with your < and > symbols? i was about to copy it when i noticed that the include was missing its argument. I could probably fix that, but who knows what else is broken...
    • by Anonymous Coward on Thursday May 23, 2002 @02:48PM (#3574731)
      you fool!! 7 lines of perl!

      #!/usr/bin/local/perl
      s''$/=\2048;while(<>){G=2 9;R=142;if((@a=unqT ="C*",_)[20]&48){D=89;_=unqb24,qT,@
      b=map{ord qB8,unqb8,qT,_^$a[--D]}@INC;s/...$/1$&/;Q=unqV , b25,_;H=73;O=$b[4]<<9
      |256|$b[3];Q=Q>>8^(P=(E=255 )&(Q>>1 2^Q>>4^Q/8^Q))<<17,O=O>>8^(E&amp ; F=(S=O>>14&7^O)
      ^S*8^S<<6))<<9,_=(map{U=_%16orE^= R^=11 0&(S=(unqT,"\xb\ntd\xbz\x14d")[_/16%8]);E
      ^=(72,@ z=(64,72,G^=12*(U-2?0:S&17)),H^=_%64?12 : ,@z)[_%8]}(16..271))[_]^((D>>=8
      )+=P+(~F&E))for@a [128..$#a]}print+qT,@a}';s/[D -HO-U_]/\$$&/g;s/q/pack+/g;eval
      • That's a "she-bang" with 6 lines of Perl!
      • by DunbarTheInept ( 764 ) on Thursday May 23, 2002 @04:25PM (#3575319) Homepage
        Counting lines is a stupid way to measure code complexity. That 7 (6?) lines of perl is equally complex to the longer C code up above. The only reason you got it to fit in less lines was that you used shorter variable names, and more abbreviated shorthand ways of calling the same kinds of routines. To get a better idea of how complex a snippet of code is, don't count the lines, count the number of language tokens used. For example:

        while( )
        { G = 29;
        R = 142;
        ...etc...
        is no more amount of code than: while(){G=29;R=142;...etc...
        They both have the exact same grammar, and use the same number of tokens. They both take just as long to execute, but the more compact version takes more time for a human being to read. What is it about Perl that tends to make its proponets enjoy making write-only code?

    • by Kingstrum ( 169196 ) on Thursday May 23, 2002 @02:51PM (#3574757)
      I'm sorry, could you phrase your question in the form of a virus ?

      *wink wink, nudge nudge*

      Wouldn't it be a pity if some wretched soul were to send out a virus whose sole purpose was to leave a copy of DeCSS in every computer it touched? Maybe buried 12 folders deep in some random spot on half the world's Windows boxes...

      The MPAA's own servers hosting a pop-up ad with the minimal Perl script showing up every now and then...

      Seems to me the "troublemakers" in our midst have been laying down on the job...so let's get going, boyos and girlos!

    • Oh my God! I looked at it! Now the movie industry will try to have my eyeballs removed just in case there is some residual imprint on the back of them!
    • ...76f723a7 a322f6a2...

      looks like the annoying space that slashcode throws in really long strings has come to the rescue: this probably won't compile correctly.
      That raises the question though, what if 2600 had originally posted the code with a small bug in it that could easily be seen and removed. On its own the code would not do anything illegal, since it wouldn't compile. However, by using simple debugging (i'm not talking about more than one error, or a complicated one) it could be made to do something that they could attack.
      Or maybe i'm way off, because I haven't really been following this issue too closely.
    • Uh... that code is absolutely useless without a compiler. No wonder it's common knowledge!

      Now that it's out in the open, anything that would make that code usefull for defeating CSS would be illegal.

      It will be hard to continue working as a software writer now that C compilers are illegal. But, I guess I'll just have to make do...

  • 2600 (Score:1, Informative)

    by mattyohe ( 517995 )
    It is a scary time to be someone like 2600 now.
  • by jdavidb ( 449077 ) on Thursday May 23, 2002 @02:39PM (#3574652) Homepage Journal

    In the brief, the DVD CCA argued that, "neither DeCSS nor Bunner's posting of it on the Internet is pure speech." Instead, the group said, courts have treated computer code as "nonspeech" or "mixed speech and content."

    All you l33t h4x0rz out there think you're entitled to free speech. That's just fine and dandy with the MPAA. Just remember that you're not allowed to put content into your speech without a license.

    • actully, the fact that they have numbers intead of vowels in their name automatically disqualifies them from free speech.

    • by js7a ( 579872 )
      If it weren't for the fact that felt-tip pens, through the most hilarious twist of fate in a long time, have been outlawed as circumvention devices by the DMCA, then there would be little chance of exposing the absurdity and abject unconstitutionality of the DMCA to nontechnical men and women on the street -- and in the jury box.

      As of last week, this was too close to call. Now the DMCA doesn't have a chance.

      Thank you, Sony, for the copy protection scheme that outlawed the sharpie! Humanity can not thank you enough for the amount of wasted time you've saved. Somewhere on Sony's recently pensioned retirement roles I just know there is some Japanese engineer chuckling silently to himself. Too bad he can't tell his countrymen how he saved the U.S. from the corporate media monopolies.

      • Well, I don't know that an engineer is chuckling about this. I'm sure someone came to work swinging a battle-axe the morning this story broke. My guess was that they did the equivalent of throwing a team of VB programmers at an enterprise application project. Generally, they can prove that VB is the tool for making programs quickly and cheaply. It is usually AFTER the program is made and in production that the catastrophic failures are found.
    • Just remember that you're not allowed to put content into your speech without a license.

      Of course not, because then they wouldn't be able to control all content.

    • So post it as pseudo code:

      Typedef an unsigned int as uint.
      Next, define a 512 byte static character array containing the following characters:
      "33733b2663236b763e7e362b6e2e667bd393 db06 43034b96de9ed60b4e0e4\
      69b57175f82c787cf125a1a528 fca8ac21fd999d1004909419 0d898d001480840913d7d35246\
      d2d65743c7c34256c2c64 75dd9dd5044d0d4594dc9cd4054c0 c449559195180c989c11058185\
      081c888c011d797df0247 074f92da9ad20f4a0a429f53135b8 6c383cb165e1e568bce8ec61bb\
      3f3bba6e3a3ebf6befeb6 abeeaee6fb37773f2267276f723a7 a322f6a2a627fb9f9b1a0e9a9e\
      1f0b8f8b0a1e8a8e0f15d 1d5584cd8dc5145c1c5485cc8cc41 5bdfdb5a4edade5f4bcfcb4a5e\
      cace4f539793120692961 703878302168286071b7f7bfa2e7a 7eff2bafab2afeaaae2ff"

      Next, typedef an unsigned char as a uchar.

      Now declare an array of uint, 11 elements long with the values {5,0,1,2,3,4,0,1,2,3,4};

      Next define a pointer to a uchar F and default the value to NULL.

      Define three variables of type uint: lf0, lf1, out.

      Declare a function ReadKey that takes as a parameter a pointer to a uchar named key and returns nothing (void).

      Write the body of the function as follows:

      Declare i as type integer.
      Declare hst as a 3 byte character array.
      Assign 0 to the value of hst at index 2.

      If F is NULL, then allocate 256 bytes to F.

      Now loop ...

      You get the picture. Would this be illegal? Or speech. Looks like speech to me!

      Recipe for destruction?
  • by donnacha ( 161610 ) on Thursday May 23, 2002 @02:39PM (#3574655) Homepage


    Damn, if they make DeCSS legal, my ownership of a T-Shirt with the DeCSS code written on it will be completely meaningless!

    Let's hope that the lower court's decision is quashed.

  • by sanermind ( 512885 ) on Thursday May 23, 2002 @02:40PM (#3574665)
    Why not put the deCSS program text in your email signature, so everytime you email a friend you 'polute' their spools, servers, backups, with yet another offending copy.
    • I was thinking, if you're a programmer you could hide it at the tail end of any binary file that you distribute or include it as comments in your source code. Imbed it into images on your homepage. Find any and every method of distributing it.

      I'm trying to figure out why the MPAA is still pushing the issue. I may not have even heard of DeCSS if not for this case and it's certainly encouraging more and more people to distribute it than had the MPAA not bothered with it.

      Then again, Jack Valenti thinks he can have anyone he wants thrown in jail. The man deserves to be set on fire.
  • Story not about 2600 (Score:5, Informative)

    by Eric Seppanen ( 79060 ) on Thursday May 23, 2002 @02:41PM (#3574671)
    This story is about the case that's in California, and getting batted back and forth among California state courts. No trial has happened yet; they're still arguing over preliminary injunctions and jurisdiction.

    The 2600 case was in federal court in New York. They lost the trial, and were also shot down by the federal appeals court.


    • Yes, but there is a pretty important legal link

      From the NewsBytes article [newsbytes.com]:

      Attorneys for the DVD CCA declined to comment on today's filing. When the group filed its appeal two months ago, it said a November 2001 ruling in New York supports its assertion that the First Amendment was not intended to block courts from preventing the illegal distribution of a program that improperly uses DVD CCA's trade secrets.

      IANAL but it seems to me that this courts eventual ruling will have important implications for any further action the 2600 crew decide to take.

      • by stevew ( 4845 )
        A couple of points - California is under the 9th circuit which has previously held that code=speech. Not the case in other jurisdictions. So a state court saying it's speech is just going along with the 9th circuit.

        The other point that is interesting is that the damn DVD CCA claims the secrets were stolen. No -they were reverse engineered. There is a BIG difference! That little point seems to be lost in the shuffle.

        Stolen implies someone walked into a vendor that had the secret and swipped it some how. Taint the case. A teenager working on his computer at home worked it out. Hmm - doesn't that make it not a trade secret anymore?????

        • Reverse-engineered? I thought that the whole DeCSS thing came about because Xing's XingDVD player program didn't encrypt the key in memory. After getting this key, the process of backtracking the workings of DeCSS started (including getting several more keys).

          This is more like disassembling and tracing and documenting the code, which I am quite sure is against the license for Xing's (and many other companies') products. Even if DeCSS was "reverse-engineered" from this purloined key, it would not really be reverse-engineered because of the method that the key was obtained from.

          As for the the DVD CCA's claim that it is a trade secret, as long as those who were involved with the documentation of DeCSS were not in any way responsible for the safekeeping of the code owned by the DVD CCA (like if they were DVD CCA employees, or employees working on a DVD implementation for a DVD CCA licensee), then there's no trade secret violation. Much as the same as if I "discovered" the formula for Coca-Cola(TM) by kitchen experimentation and posted it on Slashdot.

          The only gripe the DVD CCA should have here is the way Xing implemented their decryption method. Since Xing was bought by Real, now it should be Real's legal problem.

          • As pointed out by Seth Finkelstein [sethf.com] in comments a few days ago [slashdot.org] (and another comment) [slashdot.org]

            Comments, like this one, are ripe for quotes to be taken out of context. ARE BEING USED IN TESTIMONY FOR THE MPAA [harvard.edu]. Why give them bullets to shoot us with? Especially bullets that are inapplicable. (And you gave a great quote that can be taken out of context: ``Even if DeCSS was "reverse-engineered" from this purloined key, it would not really be reverse-engineered because of the method that the key was obtained from.

            There are no Miranda rights. Anything said on slashdot is being held as an opinion of our community. What is said is being held against 2600, me, and the ideals EFF stands for. Our community isn't homogeneous, but what you say in the future may be used against me, personally, [slashdot.org] because the views you espouse will be put into our mouths, purportedly proving that we knew what we were doing was illegal [harvard.edu], which it isn't.

            Either reverse engineering is legal or it isn't. If it is, then, I don't know what the legal implications may be. (Reverse engineering being classified as illegal would be such a radical departure, I can't envision it. But if you feel it is, ignore what I have to say below which rests on the assumption that a shrink/click-wrap prohibition on reverse engineering sold goods is legal.)

            Assuming reverse engineering is legal, any trade secret derived from Xing's player loses its protected status. IE, anything learned from Xing's player, including the algorithms and keys it uses are now public. Remember, trade secret protections are designed prevent ill-gotten gains from industrial espionage. Which is why they don't apply if they, for example, accidently publish the trade secret, or it gets reverse engineered, thats legitimate.

            Anyhoo.. Next time, please be a little more careful in what you say, and how it may be misquoted. Actually, this applies to everyone.

    • Further differences between the two cases mentioned:

      The federal (2600/NY) case was brought under the big bad DMCA anticircumvention laws. Since these laws are pretty new, were mostly untested, and are so vague that they can arguably be applied to almost anything, this case caused a lot more concern about the stretching boundaries of copyright.

      The California case is not brought under the DMCA; it was brought under state trade-secret laws. These laws aren't new, are better understood, and their limits are better defined. The other issues (jurisdiction and free-speech conflicts) are also a lot less murky than the DMCA. So while this case is still a big cause for concern, it's not about ever-expanding copyright law or the DMCA. It's more about Big Media smacking programmers with a bag of lawyers, whether or not the law backs them up.

  • At least not until a third-party DVD player becomes available for Linux for free (yeah right), although this will only put the real problem here on hold.

    security? we don' need no stinkin' security!

  • DeCSS is only going to come under more and more attack. Senator Tom Daschel was already quoted as saying that he would be "behind legislation agaainst any DeCSS propaganda or code whatseover". This apparently was stated after it was rumoured that hos own son had brought the DeCSS song on MP3 to school, where it was confiscated by his teacher. (http://routers.com).

    The irony in this is funny, but it is plain to see that this trend will just keep continuing.

    • Senator Tom Daschel was already quoted as saying that he would be "behind legislation agaainst any DeCSS propaganda or code whatseover". This apparently was stated after it was rumoured that hos own son had brought the DeCSS song on MP3 to school, where it was confiscated by his teacher. (http://routers.com).

      That [google.com] is [routers.com] bullshit [google.com]. I hope you're not a Republican; you're making them look like liars.
  • Excellent point (Score:5, Insightful)

    by SocialWorm ( 316263 ) on Thursday May 23, 2002 @02:44PM (#3574694) Homepage
    The article sayth:
    "[This] is not an interest that is 'more fundamental' than the First Amendment right to freedom of speech or even on equal footing with the national security interests or other vital governmental interests that have previously been found insufficient to justify a prior restraint."

    Seriously, since when did the ??AA's become more powerful or important than national security? Who put them on their pedestal? Who died and gave them the monarchy?

    Just shows you where this country's priorities are. Trading freedom for security is bad enough. Trading freedom for entertainment is disgusting.
    • Who died ...

      That would be democracy.

      Kill in the whitehouse, by big business, with the bag-full-o-money.

      I'm sorry, you lose.

      To play again, please rewind to 1776.

  • by jeffy124 ( 453342 ) on Thursday May 23, 2002 @02:44PM (#3574698) Homepage Journal
    in NY, 2600 was told to take down DeCSS.

    in CA, Brunner was told he was allowed to keep it up.

    Anyone catch that? Two similar if not identical cases have different rulings based on the same law.

    Questions --
    Have there been other sets of cases that have had the same law interpreted in two different directions? What was the outcome? Are such laws considered ambiguous and thus in need of clarification? Who makes taht decision?
  • Not stolen secret! (Score:4, Insightful)

    by Anonymous Coward on Thursday May 23, 2002 @02:46PM (#3574715)
    "Historically, the dissemination of stolen trade secrets has not been protected by the First Amendment," the DVD CCA wrote in its brief. It said the injunction, "was not aimed at restricting speech, but was intended solely to protect against the evisceration of trade secrets that are the motion picture industry's critical means of defense against widespread digital pirating of its valuable copyrighted works."

    This secret was not stolen, it was reverse-engineered! Their argument is bullsh**.

    • by Anonymous Coward
      Jon Johannsen got the code from an unlocked area of a player IIRC.

      Trade secret, let out by mistake = no trade secret.
    • by Anonymous Coward
      It wasn't reverse-engineered cleanly, though.
      Remember that is was obtained by looking through unencrypted code in the Xing player.
      The guy who wrote it even admited that an anonymous source led him to the Xing player to look for the one key to break. After that, the rest of the manufacturer keys were cracked with ease.

      If it had been a clean room reverse, then they would have more of a leg to stand on.
    • While everyone was discussing the tautology of newspapers, including the Wash. Post being full of shit...

      The report from Mitre Corp. discussed in Thursday's thread [slashdot.org] on the Washington Post's article contained one very interesting point regarding Assuring the Safety and Security of COTS Software Products [mitre.org] very relevant to the DMCA:

      The absence of source code precludes some analyses to certify the code, and it may be illegal to do reverse engineering of commercial products to deduce the code.
      So ideally, the government needs to be able to either read the source (i.e. some form of Open Source) or be able to reverse engineer the product (i.e. no DMCA). Obviously the former is more efficient. Either way brings attention to the practical problems caused by the DMCA.

      Awareness of the DMCA is creeping in to more trade journals. The February 2002 issue of Scientific Computing & Instrumentation [scimag.com] features a special report on the DMCA [scimag.com] (page 54 of the dead tree version):

      Many scientists, librarians, and academics opposed the bill at the time, and the multiple provisions of the bill are now proving how real their concerns were.
      ...
      Forget about Napster -- this law has the potential to halt your reserach work, or have you thrown into jail.

      The 1700's saw a serious of protections from governmental abuses, it looks like the 2000's will see a series of protections against similar corporate abuses. It'll happen sooner than later if Europe decides to learn from the U.S.'s mistakes this time rather than emulated them.

  • by pstreck ( 558593 ) on Thursday May 23, 2002 @02:46PM (#3574716)
    "I see in the near future a crisis approaching that unnerves me and causes me to tremble for the safety of my country.... Corporations have been enthroned and an era of corruption in high places will follow, and the money power of the country will endeavor to prolong its reign by working upon the prejudices of the people until all wealth is aggregated in a few hands and the Republic is destroyed."
    -Abraham Lincoln
    • "These capitalists generally act harmoniously and in concert to fleece the people, and now that they have got into a quarrel with themselves, we are called upon to appropriate the people's money to settle the quarrel."

      speech to Illinois legislature, Jan. 1837.
      See Vol. 1, p. 24 of Lincoln's Complete Works,
      ed. by Nicolay and Hay, 1905)
  • by Eric Damron ( 553630 ) on Thursday May 23, 2002 @02:46PM (#3574719)
    "Historically, the dissemination of stolen trade secrets has not been protected by the First Amendment," the DVD CCA wrote in its brief."

    This "trade secret" was NOT stolen. No one hacked into anybody's computer or broke into anyone's office to steal anything. The encryption technique was reverse engineered which IS legal. Discussing the reverse engineering process and ones findings with others IS legal and protected by the first amendment.

    • How can it be a trade secret if every DVD manufacturer knows it?? Isn't a trade secret is something makes one company more competetive than others in the same or similar field. Even www.dictionary.com [dictionary.com] (via American Heritage) defines a trade secret as:
      trade secret n. A secret formula, method, or device that gives one an advantage over competitors
      What is it about the DVD encryption algorithm that gives DVD manufacturers a competitive advantage over, say putting a movie on video tape? If I learn the secret formula for Pepsi, I can make all the Pepsi I want for my own use, and there isn't a damn thing Pepsico can do. But I probably couldn't market a similar brand without paying fees. Isn't using the DeCSS algorithm the same thing?

      Now, if I found a secret to making a DVD with less costs or faster, that would be a trade secret. Or if I found a way to improve the quality of the image or put more data on the disk, that would be a trade secret. That is, until everyone found out about it. Then it becomes common knowlege.

      Maybe we are fighting this, and other things like DCMA, the wrong way. Maybe it is time to bring unfair trade practice laws to bear and be the plaintiff for a change.

      The disadvantage of being a monopoly is you have to play even fairer. Well, maybe in theory anyway.
      • by jms ( 11418 ) on Thursday May 23, 2002 @05:51PM (#3575749)
        How can it be a trade secret if every DVD manufacturer knows it??

        It's a trade secret of an organization called the "DVD Copy Control Association" - or, the DVDCCA.

        They license the trade secret to all of the player manufacturers, and in return, the player manufacturers sign a contract that, among other things, forbids them from building DVD players with unencrypted digital outputs, and requires them to include Macrovision distortion in the analog output signal. The contract also forbids the disclosure of the CSS algorithm.

        The result is that, prior to DeCSS, if you wanted to manufacture DVD players, you needed to sign the contract and agree to the terms in order to obtain the necessary technology to decode DVDs.

        Now, the CSS algorithm is cracked.

        The danger that the industry is facing is this. If CSS is deemed, by the courts, to be a legitimately reverse-engineered trade secret, then the CSS decoding process would enter the public domain. If that were to happen, it would clear the way for the manufacture of DVDs without having to obey the restrictions of the CSS contract.

        In other words, it would allow companies to start manufacturing DVD players with such desirable features as no Macrovision, and digital MPEG outputs. But it wouldn't allow all companies to do so ...

        ... only those companies that had not signed a contract with the DVDCAA. In other words, the entire current player industry would be shut out -- they would be still required, by their DVDCCA contracts, to install Macrovision, and not offer digital outputs. This would be a disaster for the current crop of player manufacturers.

        There's a reason that they are fighting so hard to force CSS into the category of "stolen trade secret" -- by sheer force of will, apparently. If DeCSS were to be ruled a stolen trade secret, then the courts would prevent anyone else from making commercial use of the algorithm.

        This would be an incredible win for the movie industry -- they would receive what would be in effect a perpetual patent -- the right to exclude others from employing a process.

        Note that they are fighting this battle on different fronts -- the DMCA case is to try and outlaw the dissemination of the algorithm. The Trade Secret case is to try and outlaw the implementation of the algorithm. They are fighting tooth and nail to control not the right to manufacture DVD players, but the right to dictate what features may and may not be included in DVD players.

        • Commercial interests < public interests
          Free Speech > Financial welfare of any company/industry

          Sorry the companies made a bad deal, but it isn't my problem and it isn't 2600's problem. It was reverse-engineered; no one is disputing this. It was poorly conceived, and now several companies will suffer for it. Better luck next time, but this is capitalism - the government isn't supposed to save your ass when you screw up. Take a look at Enron if you doubt me, or any other business that has ever gone under. Just because you're a large industry with alot of money doesn't mean you get to circumvent all of society because you banked on a flawed technology. If code is not free speech, and can be a trade secret, then I'm going to start a company that does nothing but encode famous speeches and quotes into c, and then have protection granted to them as my trade secret.

  • by bedessen ( 411686 ) on Thursday May 23, 2002 @02:57PM (#3574793) Journal
    Take a Sharpie marker pen and print one of the CSS descramblers [cmu.edu] on it. Hey, now you've got a convenient 2-in-1 DCMA infringement device. Somebody get the ThinkGeek product guys on the phone...
  • by germinatoras ( 465782 ) on Thursday May 23, 2002 @03:04PM (#3574840) Homepage

    I understand why the MPAA wants to protect its intellectual property, but they need to fight piracy by either making the factory-made products worth buying or prosecute those individuals who pirate them. I want to be able to rip a VOB and play it back on my laptop without having to break the law in the process. I think that the MPAA would rather strip millions of legitimate users of their rights to fair use, rather than spend the money to fight a few individuals who are massively distributing illegal copies of a copyrighted product.

  • by warpSpeed ( 67927 ) <slashdot@fredcom.com> on Thursday May 23, 2002 @03:05PM (#3574849) Homepage Journal
    "No stolen trade secret can survive if the courts are powerless to enjoin its widespread disclosure," the brief said.

    Hasn't DeCSS already experience wide spread disclosure. This is kind of like closing the barn door after the horse has left the building.

    It is the RIAA/MPAA that are becoming powerless...

  • by Rupert ( 28001 ) on Thursday May 23, 2002 @03:07PM (#3574859) Homepage Journal
    If you have a trade secret, and someone posts it to, e.g., Slashdot, that does not give every /. reader the right to republish it on their personal websites.

    Now, if you have 400 trade secrets, and you burn them all onto a shiny metal disk, and you sell 20 million copies of that disk, and someone works out from one of those disks what the secrets are, your case is a lot weaker. Independent discovery is, AFAIK, a defense against trade secret violations (and copyright, too, but not patents or trademarks).
    • Most of those law-talkin' guys would agree that independent discovery and reverse engineering are protection from trade secrets.

      For example:

      http://www.lawguru.com/faq/19.5.html [lawguru.com]

    • And, more importantly, if your trade secret is merely an instance of an already publicly known mathematical process, and the only thing you added was to pick the random constants that are used as the keys to feed to the algorithm, that hardly constitutes a "secret". It's like saying, "Here, I will write a piece of code:
      x = 5.5 * y;
      There, now I'll copyright that and I'm the only person that's allowed to multiply things by 5.4, because nobody else thought to copyright such a simple thing before so I was the first to do it, so the idea is all mine."

      Plus, if you dissemate your information to *everyone* who makes DVD consoles and DVD software, with the only caveat being that they must not let users circumvent annoying features of DVD technology (like country codes and no-skip sections), then that hardly constitutes a "trade secret" even if it was a wonderful great new idea and not just an instance of an already known mathematical process.

  • by Anonymous Coward on Thursday May 23, 2002 @03:07PM (#3574862)
    So this guy says to me "#!/usr/bin/perl
    # 472-byte qrpff, Keith Winstein and Marc Horowitz
    # MPEG 2 PS VOB file -> descrambled output on stdout.
    # usage: perl -I :::: qrpff
    # where k1..k5 are the title key bytes in least to most-significant order

    s''$/=\2048;while(){G=29;R=142;if((@a=unqT="C*", _) [20]_=unqb24,qT,@
    b=map{ord qB8,unqb8,qT,_^$a[--D]}@INC;s/...$/1$Q=unqV,qb25,_ ; =73;O=$b[4]>8^(P=(E=255)>12^Q>>4^Q/8^Q ))>8^(E>14=8
    )+=P+(~Fs/[D-HO-U_]/\$$s/q/pack+/g;e val
    ".

    So of course I punched him.
  • by browser_war_pow ( 100778 ) on Thursday May 23, 2002 @03:22PM (#3574925) Homepage

    The CBDTPA is actually very good for the movement to bring about the death of legislation like the DMCA. I saw a review of the CBDTPA in a roanoke paper about 2 weeks ago and it was really cool seeing a common newspaper make a big feature in its op-ed section about the CBDTPA. People trust newspapers a lot more than they trust websites. Newspapers cost money to produce (so do websites), but websites don't in the eyes of John Q. Citizen. Anyone can make a website is the general view, even though hosting a major website requires an assload of money to pay for bandwidth, high end equipment and a full time staff. Using the Internet to propagandize is not as easy as people think.

    What we need are Win32 and OS X open source or free as in beer cd/dvd rippers that make defeating copy restrictions as easy as installing a new plugin. We need to force the issue by making the cartels so desparate they call for the complete destruction of individual property rights as they pertain to IP. The CBDTPA wasn't quite that, we need to get them so desparate that they propose something that makes it a felony to own a computer that can copy music and movies. We need to make John Q. Citizen so scared of their proposals that he says, "listen asshole, you have two choices, protect my rights or their bottom line. You know where I'm voting now!!" to their representatives out of anger and sheer rage. Essentially we need to take demagoguery to a new level, if you support these industries you are supporting your child's inevitable felony prison sentence for making a custom workout mix cd.

    What we can do are the following

    1. Make easily read and intepretted brochures for distribution at elections that say in plain English what copyright laws do and would do if enacted.
    2. Tell people where their representatives really stand. In those brochures show how they voted and again, say in plain English what the nastier parts of the law really do
    3. Use as many controversial quotes by the RIAA and MPAA's executives whenever possible. Take away the image that they are hard working capitalists, and help make them look like lobbyists for corporate welfare babies.
    4. Make these companies look like they have complete and utter contempt (which admittedly a lot of them actually do) for their customers not just as property owners, but as human beings. Make them look like they could give a damn less about individual rights and that they will not stop trying to use the government to violently crush competition until they themselves are crushed by either the government or (preferably) the marketplace.
    5. Use industry statistics to show that most artists never get compensated anyway and show that copying cannot be stealing because it creates new property
    6. and finally, tell the people that they can make a difference. They can buy music from local bands, buy cds used so they aren't funding their oppressors, allow others to access their mp3s if they have broadband.

    We must make these people look like absolute monsters to the public. We must find ways to associate RIAA/MPAA with the same feelings that most people reserve for Fascists and Communists. The average person must start looking at it from this perspective, "he is not advocating compensating people for their work, he is advocating the annihilation of my property rights." Once we have achieved that, we can effectively dismantle modern copywrong law and get it back to being constitutional copyright law.

  • For those of you who actually care about the article:

    The article didn't mention the DMCA. They are trying to protect DeCSS as a 'trade secret.' Now, as I understand trade secret law, it is no longer a trade secret once it has been reverse engineered. So where do they get off making that claim?
  • by Amazing Quantum Man ( 458715 ) on Thursday May 23, 2002 @04:29PM (#3575337) Homepage
    From the article:
    In addition, the court found that DeCSS is "pure speech" for the purposes of First Amendment protection.

    Say what you will about CA, our courts get it! This is from the CA State Appeals Court Ruling.
  • "The Electronic Frontier Foundation and the First Amendment Project today asked the California Supreme Court to uphold a lower court's decision to permit publication of the source code for DeCSS technology, which circumvents digital copy protection systems."

    Perhaps it should read...

    "The Electronic Frontier Foundation and the First Amendment Project today asked the California Supreme Court to uphold a lower court's decision to permit publication of the source code for DeCSS technology, which informs technically capable people how DVDs are encrypted."

    Clarification... DeCSS by itself does not circumvent copy protection!!! Only the *abuse* of DeCSS during application does.

    Technically inept people shouldn't be making decisions about technology they don't understand. For example, would I, a computer programmer, make critical decisions about launching the space shuttle? Probably not.

    Go 2600 and stick it to 'em!
  • The real problem. (Score:2, Insightful)

    by BigFootApe ( 264256 )
    The real problem, I think, lies with the inability of business to reconcile itself with an information economy. Groups like the MPAA (and Unisys, and RSA Data Sec.) want to provide information as a product. To do so, they have to control the availability of this 'product' to the end user.

    In every other part of the Universe, it is the specific product which is patented. If you make a carbon copy of a Honda Accord, then you'll get sued. If you make a vehicle with four wheels, four doors and an engine, you won't. In academia, if you make a discovery, then some time later another person claims to have made the same discovery, that person -- except in rare cases -- you will be laughed out of town, but reproducing the same result via independent work is okay.

    So, reproducing the DeCSS algorithm via independent work is okay via logical extension. As for breaking copyright protection, this is really governed by two laws: the so called "Betamax decision" from which the fair-use concept is derived, and by the DMCA. Although I don't know much about the DMCA, fair-use says that any particular consumer of media content can copy it limitlessly for backup, personal storage, alternate viewing, or whatever. Ripping a DVD to DIVX is perfectly legal, as long as you don't redistribute it and merely use it for personal viewing.
  • I don't have a citation for you, but I have read the california statute that specifically states that reverse engineering is legal.

    You might be suprised to hear that. But consider what the point of the structure of patents is set up for - if you invent something, and you disclose your invention to the patent office, with instructions clear enough that someone "skilled in the art" can reproduce your invention, then you can be granted a patent.

    Part of the idea is that once the patent expires, it goes into the public domain, along with explicit instructions for how to make your invention. Thus society as a whole ultimately benefits from the granting of a temporary monopoly.

    Trade secrets are not legally protected monopolies, specifically because they don't provide the public benefit of putting the invention into the public domain.

    What protection trade secrets have is a matter of keeping people honest. Someone who has signed a nondisclosure agreement is not allowed to disclose the invention, you can't steal it or bribe someone who knows it or whatever.

    But reverse engineering is specifically allowed by california state law, and the law of all the other states as far as I know, in part because it provides a reason for inventors to patent stuff rather than keeping it secret - because that's the only way they can be granted a legal monopoly, and there is no protection from reverse engineering.

    At least there wasn't before the DMCA, and I would argue the constitution makes the DMCA illegal, because it only allows for monopolies to be granted by the patent system. Copyrights are a form of monopoly too, but the constitution doesn't provide legal ground for maintaining copyrights by forbidding devices that can copy, it only forbids actually making copies without permission.

Over the shoulder supervision is more a need of the manager than the programming task.

Working...